petersweb-infra/nixos/system/users.nix

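# Declares the login accounts for this host (root and ironmagma), their SSH
# authorized keys, and the repo-data group.
{
  pkgs,
  config,
  nix-index-database,
  lib,
  ...
}: let
  # Builds the option fragments for one account:
  #   users.users.<username>        - the account itself
  #   users.groups.<username>       - a private group with the user as member
  #   home-manager.users.<username> - homeConfig when enableHomeManager is set,
  #                                   otherwise an empty attribute set
  makeUser = {
    username,
    home,
    extraGroups,
    authorizedKeys,
    homeConfig ? null,
    isNormalUser ? true,
    enableHomeManager ? false,
  }: {
    home-manager.users.${username} =
      if enableHomeManager
      then homeConfig
      else {};
    users.users.${username} = {
      inherit isNormalUser home;
      shell = pkgs.zsh;
      openssh.authorizedKeys.keys = authorizedKeys;
      # Previously this list sat at the top level of makeUser's result, where
      # nothing read it, so the declared memberships were never applied to the
      # account. It belongs on the user entry.
      extraGroups = extraGroups ++ [username];
    };
    users.groups.${username} = {
      name = username;
      members = [username];
    };
  };

  # Every entry in keys/authorized_keys is read and handed to BOTH accounts
  # below, root included: adding a file to that directory grants root SSH
  # login on the next rebuild. Review changes to that directory accordingly.
  # NOTE(review): each file is presumably a single public-key line, and the
  # directory is presumably flat (readFile fails on a subdirectory) - confirm.
  keyDir = builtins.toString ../keys/authorized_keys;
  keyFileNames = builtins.attrNames (builtins.readDir keyDir);
  authorizedKeys = map (name: builtins.readFile "${keyDir}/${name}") keyFileNames;

  rootUser = makeUser {
    username = "root";
    home = "/root";
    isNormalUser = false;
    extraGroups = ["podman"];
    inherit authorizedKeys;
    enableHomeManager = true;
    homeConfig = import ./home/root.nix {
      username = "root";
      inherit config pkgs nix-index-database lib;
    };
  };

  ironmagmaUser = makeUser {
    username = "ironmagma";
    home = "/home/ironmagma";
    # wheel and docker membership are both effectively root on the host; keep
    # only the ones this account actually needs.
    extraGroups = [
      "wheel"
      "docker"
      "podman"
    ];
    inherit authorizedKeys;
    # Home Manager is switched off for this account, and the module result
    # below only exports root's home-manager entry, so this homeConfig is
    # never evaluated.
    enableHomeManager = false;
    homeConfig = import ./home/ironmagma.nix {
      username = "ironmagma";
      inherit config pkgs nix-index-database lib;
    };
  };
in {
  # The per-user groups built by makeUser were previously dropped here; they
  # are merged in so the username entry in each extraGroups list refers to a
  # group that is actually declared.
  users.groups =
    {
      repo-data = {
        name = "repo-data";
        members = ["nginx"];
      };
    }
    // rootUser.users.groups
    // ironmagmaUser.users.groups;
  users.users = rootUser.users.users // ironmagmaUser.users.users;
  # Only root's Home Manager configuration is exported.
  home-manager.users = rootUser.home-manager.users;
}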